Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93b74370 by Salvatore Bonaccorso at 2026-03-11T22:16:04+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2026-3231 (The Checkout Field Editor (Checkout Manager)
for WooCommerce plug
CVE-2026-3178 (The Name Directory plugin for WordPress is vulnerable to Stored
Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3013 (Coppermine Photo Gallery in versions 1.6.09 through 1.6.27is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery
CVE-2026-32234 (Parse Server is an open source backend that can be deployed to
any inf ...)
NOT-FOR-US: Parse Server
CVE-2026-32229 (In JetBrains Hub before 2026.1 possible on sign-in account
mismatch wi ...)
@@ -59,11 +59,11 @@ CVE-2026-31975 (Cloud CLI (aka Claude Code UI) is a desktop
and mobile UI for Cl
CVE-2026-31974 (OpenProject is an open-source, web-based project management
software. ...)
NOT-FOR-US: OpenProject
CVE-2026-31961 (Quill provides simple mac binary signing and notarization from
any pla ...)
- TODO: check
+ NOT-FOR-US: Quill
CVE-2026-31960 (Quill provides simple mac binary signing and notarization from
any pla ...)
- TODO: check
+ NOT-FOR-US: Quill
CVE-2026-31959 (Quill provides simple mac binary signing and notarization from
any pla ...)
- TODO: check
+ NOT-FOR-US: Quill
CVE-2026-31958 (Tornado is a Python web framework and asynchronous networking
library. ...)
TODO: check
CVE-2026-31957 (Himmelblau is an interoperability suite for Microsoft Azure
Entra ID a ...)
@@ -101,43 +101,43 @@ CVE-2026-31876 (Notesnook is a note-taking app focused on
user privacy & ease of
CVE-2026-31875 (Parse Server is an open source backend that can be deployed to
any inf ...)
NOT-FOR-US: Parse Server
CVE-2026-31874 (Taskosaur is an open source project management platform with
conversat ...)
- TODO: check
+ NOT-FOR-US: Taskosaur
CVE-2026-31872 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-31871 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-31870 (cpp-httplib is a C++11 single-file header-only cross platform
HTTP/HTT ...)
TODO: check
CVE-2026-31868 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-31867 (Craft Commerce is an ecommerce platform for Craft CMS. Prior
to 4.11.0 ...)
- TODO: check
+ NOT-FOR-US: Craft Commerce
CVE-2026-31866 (flagd is a feature flag daemon with a Unix philosophy. Prior
to 0.14.2 ...)
TODO: check
CVE-2026-31863 (Anytype Heart is the middleware library for Anytype. The
challenge-bas ...)
- TODO: check
+ NOT-FOR-US: Anytype Heart
CVE-2026-31862 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for
Claude C ...)
- TODO: check
+ NOT-FOR-US: Cloud CLI (aka Claude Code UI)
CVE-2026-31861 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for
Claude C ...)
- TODO: check
+ NOT-FOR-US: Cloud CLI (aka Claude Code UI)
CVE-2026-31859 (Craft is a content management system (CMS). The fix for
CVE-2025-35939 ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-31858 (Craft is a content management system (CMS). The
ElementSearchControlle ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-31857 (Craft is a content management system (CMS). Prior to 5.9.9 and
4.17.4, ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-31856 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-31854 (Cursor is a code editor built for programming with AI. Prior
to 2.0 ,i ...)
- TODO: check
+ NOT-FOR-US: Cursor
CVE-2026-31853 (ImageMagick is free and open-source software used for editing
and mani ...)
TODO: check
CVE-2026-31852 (Jellyfin is an open-source media system. The code-quality.yml
GitHub A ...)
TODO: check
CVE-2026-31840 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-31839 (Striae is a firearms examiner's comparison companion. A
high-severity ...)
- TODO: check
+ NOT-FOR-US: STriae
CVE-2026-31813 (Supabase Auth is a JWT based API for managing users and
issuing JWT to ...)
TODO: check
CVE-2026-30903 (External Control of File Name or Path in the Mail feature of
Zoom Work ...)
@@ -149,19 +149,19 @@ CVE-2026-30901 (Improper Input Validation in Zoom Rooms
for Windows before 6.6.5
CVE-2026-30900 (Improper Check of minimum version in update functionality of
certain Z ...)
NOT-FOR-US: Zoom
CVE-2026-30868 (OPNsense is a FreeBSD based firewall and routing platform.
Prior to 26 ...)
- TODO: check
+ NOT-FOR-US: OPNsense
CVE-2026-30741 (A remote code execution (RCE) vulnerability in OpenClaw Agent
Platform ...)
NOT-FOR-US: OpenClaw
CVE-2026-30239 (OpenProject is an open-source, web-based project management
software. ...)
- TODO: check
+ NOT-FOR-US: OpenProject
CVE-2026-30236 (OpenProject is an open-source, web-based project management
software. ...)
- TODO: check
+ NOT-FOR-US: OpenProject
CVE-2026-30235 (OpenProject is an open-source, web-based project management
software. ...)
- TODO: check
+ NOT-FOR-US: OpenProject
CVE-2026-30234 (OpenProject is an open-source, web-based project management
software. ...)
- TODO: check
+ NOT-FOR-US: OpenProject
CVE-2026-30226 (Svelte devalue is a JavaScript library that serializes values
into str ...)
- TODO: check
+ NOT-FOR-US: Svelte
CVE-2026-29777 (Traefik is an HTTP reverse proxy and load balancer. Prior to
3.6.10, A ...)
TODO: check
CVE-2026-28803 (Open Forms allows users create and publish smart forms. Prior
to 3.3.1 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b74370b64e5d9acbef690081c5978c9037b849
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93b74370b64e5d9acbef690081c5978c9037b849
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
